MAGIC PIDs (was Re: magic??)

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Pete Shipley: "Re: MAGIC PIDs (was Re: magic??)"
• Previous message: robert owen thomas: "magic??"
• In reply to: robert owen thomas: "magic??"
• Next in thread: Pete Shipley: "Re: MAGIC PIDs (was Re: magic??)"

> 
> hello, list-folk--
> 
> the other day, i happened to join a conversation about Unix security with
> a couple of fellows at a local bookstore.  one of them mentioned the "magic"
> hole.  i have heard mention of this hole before, but i assumed the hole
> no longer existed.  apparently, this was a hole in /bin/login.  does anyone
> else remember this?  the last time i heard mention of it was *several*
> years ago, hence my assumption.  then again, i recently spotted an old
> sendmail hole ("wizard") at a site, so one can never really assume anything,
> yes?

This is probably associated with the MAGIC PID SUBSYSTEM which has
been implemented on a number of popular UNIX's.  Basically processes
that acquire a MAGIC PID have special powers and can do 'magical' things.

If a hole is found in a program (such as /bin/login) which is executing
in a process with a MAGIC PID, it is said to have a 'magic hole'.

LINUX is generally recognised as having the most complete MAGIC PID
implementation.  The benefits of MAGIC PIDs was discussed widely on IRC's
#unix and #root about 12 months ago.  For more info, I guess you could
try the usenet LINUX or security groups.

------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk
                                          |

• Next message: Pete Shipley: "Re: MAGIC PIDs (was Re: magic??)"
• Previous message: robert owen thomas: "magic??"
• In reply to: robert owen thomas: "magic??"
• Next in thread: Pete Shipley: "Re: MAGIC PIDs (was Re: magic??)"